Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
141s -
max time network
194s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
04/12/2022, 06:46
General
-
Target
bb5117f9ae2fd69ed48db6940530724fb440e63759fc8fd01ef8732a35a45f87.exe
-
Size
254KB
-
MD5
97ce2390264e4f73c18c4c51f0f4f3d6
-
SHA1
2322b5042fba09709bc92c9e60aff0d343a08626
-
SHA256
bb5117f9ae2fd69ed48db6940530724fb440e63759fc8fd01ef8732a35a45f87
-
SHA512
2b301ea813d61ccde1d86c92a6f294e66799d55f7ec2c7413ba682618abe03b87cddd42a51421544adf340286c767eb10ded8e1d98e6738b5dd7e587b0d7bf7c
-
SSDEEP
768:P7Xt84hZTAOD4qNLUlVWWv+LxKY9w6CikKhgKvj5mm4WeavTD5HeXruv0GtbnhQV:PjNs5EWv+LxK0CidvneavTDYbuDbnKV
Score
3/10
Malware Config
Signatures
-
Program crash 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bb5117f9ae2fd69ed48db6940530724fb440e63759fc8fd01ef8732a35a45f87.exe"C:\Users\Admin\AppData\Local\Temp\bb5117f9ae2fd69ed48db6940530724fb440e63759fc8fd01ef8732a35a45f87.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4232 -s 2642⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4232 -s 2642⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4232 -ip 42321⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
260KB
-
Filesize
260KB